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IPv6 Router Advertisement Option for DNS Configuration 
Status of This Memo 
This memo defines an Experimental Protocol for the Internet 
community. It does not specify an Internet standard of any kind. 
Discussion and suggestions for improvement are requested. 


Distribution of this memo is unlimited. 


Abstract 


This document specifies a new IPv6 Router Advertisement option to 
allow IPv6 routers to advertise DNS recursive server addresses to 
IPv6 hosts. 
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Introduction 


Neighbor Discovery (ND) for IP Version 6 and IPv6 Stateless Address 
Autoconfiguration provide ways to configure either fixed or mobile 
nodes with one or more IPv6 addresses, default routers and some other 
parameters [2][3]. To support the access to additional services in 
the Internet that are identified by a DNS name, such as a web server, 
the configuration of at least one recursive DNS server is also needed 
for DNS name resolution. 


It is infeasible for nomadic hosts, such as laptops, to be configured 
manually with a DNS resolver each time they connect to a different 
wireless LAN (WLAN) such as IEEE 802.11 a/b/g [12]-[15]. Normally, 
DHCP [6]-[8] is used to locate such resolvers. This document 
provides an alternate, experimental mechanism which uses a new IPv6 
Router Advertisement (RA) option to allow IPv6 routers to advertise 
DNS recursive server addresses to IPv6 hosts. 


1. Applicability Statements 


The only standards-track DNS configuration mechanism in the IETF is 
DHCP, and its support in hosts and routers is necessary for reasons 
of interoperability. 


RA-based DNS configuration is a useful, optional alternative in 
networks where an IPv6 host’s address is autoconfigured through IPv6 
stateless address autoconfiguration, and where the delays in 
acquiring server addresses and communicating with the servers are 
critical. RA-based DNS configuration allows the host to acquire the 
nearest server addresses on every link. Furthermore, it learns these 
addresses from the same RA message that provides configuration 
information for the link, thereby avoiding an additional protocol 
run. This can be beneficial in some mobile environments, such as 
with Mobile IPv6 [10]. 


The advantages and disadvantages of the RA-based approach are 
discussed in [9] along with other approaches, such as the DHCP and 
well-known anycast addresses approaches. 


.2. Coexistence of RDNSS Option and DHCP Option 


The RDNSS (Recursive DNS Server) option and DHCP option can be used 
together [9]. To order the RA and DHCP approaches, the O (Other 
stateful configuration) flag can be used in the RA message [2]. If 
no RDNSS option is included in the RA messages, an IPv6 host may 
perform DNS configuration through DHCPv6 [6]-[8] regardless of 
whether the O flag is set or not. 
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Definitions 


The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
"SHOULD", “SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 
document are to be interpreted as described in [1]. 


Terminology 


This document uses the terminology described in [2] and [3]. In 
addition, four new terms are defined below: 


o Recursive DNS Server (RDNSS): Server which provides a recursive 
DNS resolution service for translating domain names into IP 
addresses as defined in [4] and [5]. 


o RDNSS Option: IPv6 RA option to deliver the RDNSS information to 
IPv6 hosts [2]. 


o DNS Server List: A data structure for managing DNS Server 
Information in the IPv6 protocol stack in addition to the Neighbor 
Cache and Destination Cache for Neighbor Discovery [2]. 


o Resolver Repository: Configuration repository with RDNSS addresses 
that a DNS resolver on the host uses for DNS name resolution; for 
example, the Unix resolver file (i.e., /etc/resolv.conf) and 
Windows registry. 


Overview 


This document defines a new ND option called RDNSS option that 
contains the addresses of recursive DNS servers. Existing ND 
transport mechanisms (i.e., advertisements and solicitations) are 
used. This works in the same way that hosts learn about routers and 
prefixes. An IPv6 host can configure the IPv6é addresses of one or 
more RDNSSes via RA messages periodically sent by a router or 
solicited by a Router Solicitation (RS). 


Through the RDNSS option, along with the prefix information option 
based on the ND protocol ([2] and [3]), an IPv6 host can perform 
network configuration of its IPv6é address and RDNSS simultaneously 
without needing a separate message exchange for the RDNSS 
information. The RA option for RDNSS can be used on any network that 
supports the use of ND. 


This approach requires RDNSS information to be configured in the 
routers sending the advertisements. The configuration of RDNSS 
addresses in the routers can be done by manual configuration. The 
automatic configuration or redistribution of RDNSS information is 
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possible by running a DHCPv6 client on the router [6]-[8]. The 
automatic configuration of RDNSS addresses in routers is out of scope 
for this document. 


5. Neighbor Discovery Extension 


The IPv6 DNS configuration mechanism in this document needs a new ND 
option in Neighbor Discovery: the Recursive DNS Server (RDNSS) 
option. 


5.1. Recursive DNS Server Option 


The RDNSS option contains one or more IPv6 addresses of recursive DNS 
servers. All of the addresses share the same lifetime value. If it 
is desirable to have different lifetime values, multiple RDNSS 
options can be used. Figure 1 shows the format of the RDNSS option. 


0 1 2 3 
01234567890123456478901234567890 1 
+-+-4+-4+-+-+4+-4+-4+-+-4-4+-+4-4+-4+-4+-+4+-4-4+-+4-4-4+-4-4+-4-4+-4+-4+-4+-4+-4+-4+-4-4+ 

| Type | Length | Reserved 

+-+-4+-4+-+-+4+-4+-4+-+-4-4+-+-4+-4+-4+-+4+-4-4+-+4-4-4+-4+-+4+-4-4+-+4+-4-4+-4-+4+-4-4-4+ 
| Lifetime | 
+-+-4-4+-+-+4+-4+-4+-+-4-4+-+-4+-4+-4+-+4+-4-4+-4+-4-4+-+-+4+-4+-4+-4+-4-4+-4-4+-4-4-4+ 
: Addresses of IPv6 Recursive DNS Servers : 
+-+-4-+-+-+-4+-+-+-4-4+-+4-4-4+-4+-+4+-4-4+-4-4-4+-+-4+-4+-4+-4+-4-4+-4-4+-4-4-4+ 


Figure 1: Recursive DNS Server (RDNSS) Option Format 


Fields: 
Type 8-bit identifier of the RDNSS option type as assigned 
by the IANA: 25 
Length 8-bit unsigned integer. The length of the option 
(including the Type and Length fields) is in units of 
8 octets. The minimum value is 3 if one IPv6 address 


is contained in the option. Every additional RDNSS 
address increases the length by 2. The Length field 
is used by the receiver to determine the number of 
IPv6 addresses in the option. 
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Lifetime 32-bit unsigned integer. The maximum time, in 
seconds (relative to the time the packet is sent), 
over which this RDNSS address MAY be used for name 
resolution. Hosts MAY send a Router Solicitation to 
ensure the RDNSS information is fresh before the 
interval expires. In order to provide fixed hosts 
with stable DNS service and allow mobile hosts to 
prefer local RDNSSes to remote RDNSSes, the value of 
Lifetime should be at least as long as the Maximum RA 
Interval (MaxRtrAdviInterval) in RFC 4861, and be at 
most as long as two times MaxRtrAdvinterval; Lifetime 
SHOULD be bounded as follows: MaxRtrAdviInterval <= 
Lifetime <= 2*MaxRtrAdviInterval. A value of all one 
bits (Oxffffffff) represents infinity. A value of 
zero means that the RDNSS address MUST no longer be 
used. 


Addresses of IPv6 Recursive DNS Servers 
One or more 128-bit IPv6 addresses of the recursive 
DNS servers. The number of addresses is determined 
by the Length field. That is, the number of 
addresses is equal to (Length - 1) / 2. 


Procedure of DNS Configuration 


The procedure of DNS configuration through the RDNSS option is the 
same as with any other ND option [2]. 


Dis 


Procedure in IPv6 Host 


When an IPv6 host receives an RDNSS option through RA, it checks 
whether the option is valid. 


(0) 


If the RDNSS option is valid, the host SHOULD copy the option’s 
value into the DNS Server List and the Resolver Repository as long 
as the value of the Length field is greater than or equal to the 
minimum value (3). The host MAY ignore additional RDNSS addresses 
within an RDNSS option and/or additional RDNSS options within an 
RA when it has gathered a sufficient number of RDNSS addresses. 


If the RDNSS option is invalid (e.g., the Length field has a value 
less than 3), the host SHOULD discard the option. 


Jeong, et al. Experimental [Page 5] 


RFC 5006 IPv6 RA Option for DNS Configuration September 2007 


6. 


6. 


Implementation Considerations 


Note: This non-normative section gives some hints for implementing 
the processing of the RDNSS option in an IPv6 host. 


For the configuration and management of RDNSS information, the 
advertised RDNSS addresses can be stored and managed in both the DNS 
Server List and the Resolver Repository. 


In environments where the RDNSS information is stored in user space 
and ND runs in the kernel, it is necessary to synchronize the DNS 
Server List of RDNSS addresses in kernel space and the Resolver 
Repository in user space. For the synchronization, an implementation 
where ND works in the kernel should provide a write operation for 
updating RDNSS information from the kernel to the Resolver 
Repository. One simple approach is to have a daemon (or a program 
that is called at defined intervals) that keeps monitoring the 
lifetime of RDNSS addresses all the time. Whenever there is an 
expired entry in the DNS Server List, the daemon can delete the 
corresponding entry from the Resolver Repository. 


1. DNS Server List Management 


The kernel or user-space process (depending on where RAs are 
processed) should maintain a data structure called a DNS Server List 
which keeps the list of RDNSS addresses. Each entry in the DNS 
Server List consists of an RDNSS address and Expiration-time as 
follows: 


o RDNSS address: IPv6 address of the Recursive DNS Server, which is 
available for recursive DNS resolution service in the network 
advertising the RDNSS option; such a network is called site in 
this document. 


o Expiration-time: The time when this entry becomes invalid. 
Expiration-time is set to the value of the Lifetime field of the 
RDNSS option plus the current system time. Whenever a new RDNSS 
option with the same address is received, this field is updated to 
have a new expiration time. When Expiration-time becomes less 
than the current system time, this entry is regarded as expired. 


Note: An RDNSS address MUST be used only as long as both the RA 
router lifetime and the RDNSS option lifetime have not expired. 
The reason is that the RDNSS may not be currently reachable or may 
not provide service to the host’s current address (e.g., due to 
network ingress filtering [16][17]). 
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Synchronization between DNS Server List and Resolver Repository 


When an IPv6 host receives the information of multiple RDNSS 
addresses within a site through an RA message with RDNSS option(s), 


it 


stores the RDNSS addresses (in order) into both the DNS Server 


List and the Resolver Repository. The processing of the RDNSS 
option(s) included in an RA message is as follows: 


Jeong, 


Step (a): Receive and parse the RDNSS option(s). For the RDNSS 
addresses in each RDNSS option, perform Step (b) through Step (d). 
Note that Step (e) is performed whenever an entry expires in the 
DNS Server List. 


Step (b): For each RDNSS address, check the following: If the 
RDNSS address already exists in the DNS Server List and the RDNSS 
option’s Lifetime field is set to zero, delete the corresponding 
RDNSS entry from both the DNS Server List and the Resolver 
Repository in order to prevent the RDNSS address from being used 
any more for certain reasons in network management, e.g., the 
breakdown of the RDNSS or a renumbering situation. The processing 
of this RDNSS address is finished here. Otherwise, go to Step 
(c). 


Step (c): For each RDNSS address, if it already exists in the DNS 
Server List, then just update the value of the Expiration-time 
field according to the procedure specified in the second bullet of 
Section 6.1. Otherwise, go to Step (d). 


Step (d): For each RDNSS address, if it does not exist in the DNS 
Server List, register the RDNSS address and lifetime with the DNS 
Server List and then insert the RDNSS address in front of the 
Resolver Repository. In the case where the data structure for the 
DNS Server List is full of RDNSS entries, delete from the DNS 
Server List the entry with the shortest expiration time (i.e., the 
entry that will expire first). The corresponding RDNSS address is 
also deleted from the Resolver Repository. In the order in the 
RDNSS option, position the newly added RDNSS addresses in front of 
the Resolver Repository so that the new RDNSS addresses may be 
preferred according to their order in the RDNSS option for the DNS 
name resolution. The processing of these RDNSS addresses is 
finished here. Note that, in the case where there are several 
routers advertising RDNSS option(s) in a subnet, the RDNSSes that 
have been announced recently are preferred. 


Step (e): Delete each expired entry from the DNS Server List, and 
delete the RDNSS address corresponding to the entry from the 
Resolver Repository. 


et al. Experimental [Page 7] 


RFC 5006 IPv6 RA Option for DNS Configuration September 2007 


7. Security Considerations 


The security of the RA option for RDNSS might be worse than ND 
protocol security [2]. However, any new vulnerability in this RA 
option is not known yet. In this context, it can be claimed that the 
vulnerability of ND is not worse and is a subset of the attacks that 
any node attached to a LAN can do independently of ND. A malicious 
node on a LAN can promiscuously receive packets for any router’s MAC 
address and send packets with the router’s MAC address as the source 
MAC address in the L2 header. As a result, L2 switches send packets 
addressed to the router to the malicious node. Also, this attack can 
send redirects that tell the hosts to send their traffic somewhere 
else. The malicious node can send unsolicited RA or Neighbor 
Advertisement (NA) replies, answer RS or Neighbor Solicitation (NS) 
requests, etc. Also, an attacker could configure a host to send out 
an RA with a fraudulent RDNSS address, which is presumably an easier 
avenue of attack than becoming a rogue router and having to process 
all traffic for the subnet. It is necessary to disable the RA RDNSS 
option in both routers and clients administratively to avoid this 
problem. All of this can be done independently of implementing ND. 
Therefore, it can be claimed that the RA option for RDNSS has 
vulnerabilities similar to those existing in current mechanisms. 


If the Secure Neighbor Discovery (SEND) protocol is used as a 
security mechanism for ND, all the ND options including the RDNSS 
option are automatically included in the signatures [11], so the 
RDNSS transport is integrity-protected. However, since any valid 
SEND node can still insert RDNSS options, SEND cannot verify who is 
or is not authorized to send the options. 


8. IANA Considerations 


The IANA has assigned a new IPv6 Neighbor Discovery Option type for 
the RDNSS option defined in this document. 


Option Name Type 
RDNSS option 25 


The IANA registry for these options is: 
http://www.iana.org/assignments/icmpv6-parameters 
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